15 December 2025

The risks of re-identification: Why governance starts with not holding what you don’t need

This article is not written, or presented as legal advice nor opinion. Readers should neither act, nor rely on opinion(s) in this article and linked materials without seeking legal counsel.

In summary

• Most privacy conversations focus on compliance. But the real issue is governance: understanding what data you have, why you have it, and whether you should be holding it at all
• When a breach happens, it’s not just names that leak, it’s the inferences. Once data becomes exposed, the fallout escalates fast: legal risk spikes, regulators start asking hard questions, and reputational damage lands long before the lawyers do.
• The real blind spot isn’t just personal information, it’s implicative data: data your systems infer about people by combining and analysing seemingly harmless information.
• The new standard of care is simple but demanding: don’t keep what you don’t need, de-identify what you can, and train the people making the decisions.

The governance gap: where risk actually starts

Across marketing, product and data teams, “more data” has become a reflex.

More events.
More identifiers.
More fields.
More history.

Often without a clear answer to one basic question: why are we holding this?

The governance gap usually shows up as:

• Personal information being captured or stored without a clear business necessity.
• Data piling up faster than it’s ever reviewed, minimised or deleted.
• Access creeping wider over time, long after the original purpose has faded.

Most organisations aren’t reckless. They’re just operating on momentum.

But in a world of advanced modelling and AI, data accumulation isn’t neutral. Every extra data point increases the surface area for risk, misuse, or unintended re-identification.

Governance now means discipline, not just documentation.

What de-identification really means

Many teams equate de-identification with “removing names and emails”. But true de-identification goes far beyond blanking out obvious identifiers.

In marketing, re-identification often feels harmless, stitching together signals to improve measurement, optimise campaigns, or personalise experiences. Louder helps clients do exactly this with first-party data through CAPI and Enhanced Conversions, unlocking stronger attribution and better ROI.

But the same combinations of “harmless” data points that make marketing smarter can create privacy harm if a breach occurs. What feels anonymous inside a controlled workflow can become highly identifying once it’s combined with datasets you can’t see.

True de-identification means that a person cannot be reasonably re-identified, even when your data is matched, modelled, or enriched with someone else’s. That’s where most modern risk lives.

It’s also why common industry shortcuts fall short. There’s still a widespread belief that hashing equals de-identification. It doesn’t. As Louder’s Ian Kenney has explained, hashed customer data can often be decrypted or easily matched, hashed PII is still PII.

De-identification isn’t about removing a field; it’s about reducing what your data can reveal under the worst conditions, not just the ideal ones.

Because a few seemingly harmless data points, when linked or modelled, can start revealing:

• Health status or pregnancy
• Financial stress
• Employment patterns
• Where someone lives and works
• What vulnerabilities they might have

This is implicative data, not what people give you, but what your systems infer about them. And it’s often where sensitive information sneaks in without anyone ever consciously “collecting” it.

The human problem in data decisions

Here’s the uncomfortable part. A lot of the people deciding what happens to this data are not trained to understand its risk.

They’re product leads.
Marketing managers.
Data analysts.
Developers.

Highly capable in their roles, but often without deep visibility into:

• How datasets link across an organisation
• How easily re-identification can occur
• How inference works in data ecosystems
• What regulators look for when something goes wrong

The problem isn’t bad intent. It’s overconfidence without enough context. Which is why training and awareness are becoming just as important as tools and platforms.

Because in most organisations, privacy risk isn’t caused by technology. It’s caused by decisions.

Implicative data: the invisible layer of risk

Most privacy frameworks were built around the data people knowingly give you or what you directly observe, form fields, purchase history, behaviour on site.

Implicative data sits in an entirely different category.

It’s created when systems take “non-personal” signals and generate deeply personal conclusions. And those inferences can be far more sensitive than the original inputs.

For example:

• You buy specific vitamins and unscented lotion = a system infers pregnancy.
• Your browsing times and interaction patterns = a system infers mental health status.
• Your location history and commuting habits = a system infers where you live and who you’re close to.

You never handed over this information. But it now exists and it can shape how organisations treat you, classify you, or target you.

This is why quasi de-identification methods like pseudonymisation and hashing aren’t enough. Even when obvious identifiers are removed, customer datasets can still generate highly sensitive insights once they’re modelled, enriched, or combined with other sources.

The real risk isn’t in the fields you collect. It’s in what your data allows systems to assume.

Louder’s role: reducing risk at the collection layer

Louder sits in a slightly unusual position in this ecosystem.

We help clients responsibly re-identify individuals for legitimate purposes like:

• Consent management
• Audience stitching
• Measurement
• First-party activation

Which means we also deeply understand the inverse: how easily poorly governed data can increase legal and reputational risk.

That perspective changes how we work.

Rather than sitting at the compliance layer, Louder reduces risk at the collection and architecture layer, before problems scale.

In practice, this includes:

• Auditing analytics and tagging set-ups to identify personal information leakage and consent breaches.
• Redacting and removing unnecessary identifiers before data is used, activated, or shared.
• Helping teams fix the root causes in their data capture systems rather than patching downstream symptoms.
• Using data layers and consent frameworks to minimise collection by default and ensure systems only receive what they genuinely need.

Louder recommendations

De-identification isn’t privacy hygiene, it’s foundational to responsible data practice.

The new standard is built on a clear understanding of the risks your data creates and the governance required to manage them. It’s governance, and it starts with everyday decisions, not crisis response.

Here’s what that looks like in practice:

• Don’t hold what you don’t need - Data minimisation isn’t a future clean-up job. Regularly audit what you collect, store and share, and actively delete what no longer serves a legitimate purpose.
• Privacy risk reduction is not something you “do once” and forget. Minimise risk upfront, monitor for identifiers or attributes that could lead to privacy harm in another context or when combined with other data.
• Think beyond obvious identifiers - Evaluate your data for implicative risk, not just names and emails, but what your datasets can infer when combined or modelled.
• Train the decision-makers - The real risk isn’t technology, it’s unexamined decisions. Make sure the people approving data use understand re-identification risk, inference, and governance responsibilities.
• Know your partners and platforms - Ask how vendors process it, combine it, store it, and whether they retain identifiers behind the scenes.
• Pressure-test your assumptions - Every data decision should be able to answer three questions: Do we really need this? Who else can access it? How quickly could we delete it if we had to?

Get in touch

Get in touch with Louder to discuss how we can assist you or your business and sign up to our newsletter to receive the latest industry updates straight in your inbox.